75 KiB

Raw Blame History

Release notes for kops 1.19 series

(The kops 1.19 release has not been released yet; this is a document to gather the notes prior to the release).

Significant changes

Changes to kubernetes config export

Kops will no longer automatically export the kubernetes config on kops update cluster. In order to export the config on cluster update, you need to either add the --user <user> to reference an existing user, or --admin to export the cluster admin user. If neither flag is passed, the kubernetes config will not be modified. This makes it easier to reuse user definitions across clusters should you, for example, use OIDC for authentication.

Similarly, kops export kubecfg will also require passing either the --admin or --user flag if the context does not already exist.

By default, the credentials of any exported admin user now have a lifetime of 18 hours. The lifetime of the exported credentials may be specified as a value of the --admin flag. To get the previous behavior, specify --admin=87600h to either kops update cluster or kops export kubecfg.

kops create cluster --yes exports the admin user along with rest of the cluster config, as was the previous behaviour (except for the 18-hour validity).

OpenStack Cinder plugin

Kops will install the Cinder plugin for kops running kubernetes 1.16 or newer. If you already have this plugin installed you should remove it before upgrading.

If you already have a default StorageClass, you should set cloudConfig.Openstack.BlockStorage.CreateStorageClass: false to prevent kops from installing one.

Other significant changes

New clusters will now have one nodes group per zone. The number of nodes now defaults to the number of zones.
On AWS kops now defaults to using launch templates instead of launch configurations.
Clusters using the Amazon VPC CNI provider now perform an ec2.DescribeInstanceTypes call at instance launch time. In large clusters or AWS accounts this may lead to API throttling which could delay node readiness. If this becomes a problem please open a GitHub issue.
There is now Alpha support for Hashicorp Vault as a store for secrets and keys. See the Vault state store docs.
New clusters running Cilium now enable BPF NodePort by default if the Kubernetes version is 1.12 or newer.
The kops update cluster command will now refuse to run on a cluster that has been updated by a newer version of kops unless it is given the --allow-kops-downgrade flag.
The lifetimes of certificates used by various components have been substantially reduced. The certificates on a node will expire sometime between 455 and 485 days after the node's creation. The expiration times vary randomly so that nodes are likely to have their certs expire at different times than other nodes.
New command for deleting a single instance: kops delete instance

Breaking changes

Support for Kubernetes 1.9 and 1.10 has been removed.
Support for the Romana networking provider has been removed.
Support for legacy IAM permissions has been removed. This removal may be temporarily deferred to kops 1.20 by setting the LegacyIAM feature flag.

Required Actions

See note about Openstack Cinder plugin above.

Deprecations

Support for Kubernetes versions 1.11 and 1.12 are deprecated and will be removed in kops 1.20.
Support for Terraform version 0.11 has been deprecated and will be removed in kops 1.20.
Support for feature flag Terraform-0.12 has been deprecated and will be removed in kops 1.20. All generated Terraform HCL2/JSON files will support versions 0.12.26+ and 0.13.0+.

Full change list since 1.18.0 release

v1.18.0-alpha.3 to v1.19.0-alpha.1

Add etcd-manager certificate expiration advisory @rifelpet #9030
Treat NatGatewaysNotFound error as already-deleted @johngmyers #9052
Allow cluster maintenance when channel is unavailable @johngmyers #9053
Release notes for 1.18.0-alpha.3 @justinsb #9075
Release notes for 1.17.0-beta.2 @justinsb #9073
Disable TX checksum offload for Flannel VXLAN @hakman #9074
Added support for configuring disable-attach-detach-reconcile-sync in… @andersosthus #9068
Add advisory notice to readme and docs homepage @rifelpet #9083
Revert "feat(openstack): propagate cloud labels to machines" @zetaab #9087
kube-apiserver: healthcheck via sidecar container @justinsb #9069
Include secondary protocol flag always @jacksontj #9008
Fix port conflict on etcd-cilium vs dns-controller memberlist @justinsb #9097
kube-apiserver-healthcheck: actually enable on 1.17 @justinsb #9098
Update instance_groups.md @ranshn #9072
Fix containerd image side-loading @hakman #9101
Dont use terraform's file() for singleline strings in GCE metadata @rifelpet #9084
Add documentation on gossip @olemarkus #9111
upgrade to use cinder v3 api @zetaab #9113
Fix zsh completion @olemarkus #9108
Add unit test for util/pkg/hashing/hash.go @Hellcatlk #9114
Spotinst: Allow users to disable the controller add-on @liranp #9091
Fail cluster validation if too few nodes for ig's target size @johngmyers #9126
Adding most recent version of kube-state-metrics - 1.9.5 @MoShitrit #9125
PKI code cleanup @johngmyers #9106
Return cluster validation failure if ASG missing @johngmyers #9118
Add EC2 Instance LifeCycle label @atmosx #9121
add some unit tests @q384566678 #8960
Remove code for unsupported Kubernetes version @johngmyers #9134
http download: set a timeout to avoid hangs @justinsb #9136
Move CNI docs to their own files @olemarkus #9107
Added Launch Template support for instance interruption behavior @tomesm,@rifelpet #9024
DNS: Don't try to apply empty changesets @justinsb #8464
Remove redundant menu item in the docs site @rifelpet #9144
Remove Classic networking from docs @johngmyers #9142
doc: Typo in docs/state.md @nvanheuverzwijn #9147
Spotinst: Documentation @liranp #9139
Map kube-apiserver service-account-jwks-uri flag @justinsb,@rifelpet #9133
Don't put bastions in the utility subnets @johngmyers #9124
Create golden image test for nodeup kube-apiserver @justinsb #8950
Add unit test for func matchesElbTags @hs0210 #8989
Remove support for reading legacy-format keypairs @johngmyers #9131
Update alpha channels with May updates @MoShitrit #9155
Add support for Kubenet with containerd @hakman #9104
[Digital Ocean] Handle logic for kops edit/update cluster @srikiz #9116
Move OS deprecations to deprecations section of relnotes @johngmyers #9093
Add unit test case for pkg/k8sversion/version_test.go @Hellcatlk #9112
Update OWNERS file @johngmyers #9105
Minor doc fix. address is not valid to use, will cuase etcd faili… @granular-ryanbonham #9160
GCE: don't rely on hostname being correct @justinsb,@rifelpet #9135
Reduce test flakiness @johngmyers #9164
Add unit test case for pkg/apis/kops/util/versions_test.go @Hellcatlk #9156
Spotinst: New hybrid integration mode @liranp #7252
Fix nodetask.File dependency on owner @johngmyers #9169
Networking cleanup @olemarkus #9157
Update DigitalOcean cloud-controller-manager to v0.1.24 @timoreimann #9179
Update etcd-manager to 3.0.20200527 @justinsb #9184
Use debian as default image for DO images @srikiz #9181
Remove all versions of a file form the S3 bucket @hakman #9171
Remove unused VFSScan @johngmyers #9174
Remove loader support for nodeup tasks not used in models @johngmyers #9170
Document etcd-manager backups retention settings @hakman #9187
Add gjtempleton as reviewer @johngmyers #9183
Fix nits for removal of S3 file versions @hakman #9188
Remove support for CoreOS and Jessie @johngmyers #9065
Update Bazel rules for Docker to v0.14.2 @hakman #9196
Remove support for the legacy etcd provider as of k8s 1.18 @johngmyers #8826
Add deprecation notice for legacy etcd provider to 1.17 relnotes @johngmyers #9201
Add comment in OWNERS linking to test-infra OWNERS files @rifelpet #9202
Fix repo packages not being installed @hakman #9203
Allow listing versions for objects in the S3 bucket @hakman #9205
Try validating multiple times before updating instancegroup @johngmyers #9165
Use kubescheduler.config.k8s.io/v1beta1 for Kubernetes 1.19 @hakman #9204
Update adding_a_feature.md with more modern example @johngmyers #9208
Add example for delete secret @q384566678 #9198
Upgrade docker/containerd/containeros hashes to SHA256 @johngmyers #9215
Release notes for 1.16.3 @justinsb #9219
Remove extraneous markdown files in pkg/apis @rifelpet #9220
Release notes for 1.17.0 @justinsb #9222
Remove unused file @johngmyers #9218
Update set-version script to bump tag in Makefile @justinsb #9224
Start release notes for kops 1.19 @justinsb #9223
Use AWS SDK to fetch metadata @justinsb #9227
S3 DeleteAllVersions: use pagination @justinsb #9228
Bump compatibility matrix for kops 1.17 @johngmyers #9225
Validation: MixedInstancePolicy need not override instance types @justinsb #9231
GCE: fix typo @justinsb #9232
Add packages hashes verification for containerd and Docker @hakman #9234
Remove vsphere cloud provider @olemarkus #9177
Update etcd-manager to 3.0.20200531 @hakman #9237
Don't build site when docs are unchanged @hakman #9235
Updating stable channel with May updates @MoShitrit #9212
Upgrde amazon vpc cni to 1.6.2 @MoShitrit #9214
Disable static tokens by default as of Kubernetes 1.18 @johngmyers #8850
Add example for describe secret @q384566678 #9241
Release notes for 1.18.0-beta.1 @justinsb #9242
1.18 release note corrections @johngmyers #9243
Update channels for 1.18 @mikesplain #9250
[Digital Ocean] Update RBAC for DO CCM @srikiz #9249
Remove redundant ValidateInstanceGroup call @rifelpet #9252
Add ARM64 build targets for kops and nodeup @hakman #8922
Remove all traces of utils.tar.gz @hakman #9197
Enable configuration of the calico IP_AUTODETECTION_METHOD and IP6_AUTODETECTION_METHOD @mtl-wgtwo #9175
Use CNI 0.8.6 for Kubernetes 1.15+ @hakman #9256
Add table of networking providers and their status @olemarkus #9140
Use Docker 19.03.11 for Kubernetes 1.18+ @hakman #9258
Fix link to point to aws docs @mikesplain #9263
Refactor Debian automatic upgrades to Go code @johngmyers #9213
Remove romana support @olemarkus #9255
Don't make it possible to toggle ipv4/6. We only support ipv4 anyway @olemarkus #9253
Update channel 1.15 k8s recommendation to 1.15.12 @jeffb4 #9266
Add support for encryption in Cilium @MoShitrit #9154
Bump Dashboard to v2.0.1 @maciaszczykm #9199
Update Calico and Canal for CVE-2020-13597 @hakman #9268
Tag all cilium keys with omitempty @olemarkus #9254
When building to staging, split out the marker files by branch @justinsb #9272
Move networking in nodeup to dedicated subpackage @olemarkus #9137
Bump supported and recommended k8s versions for kops 1.19 @johngmyers #9226
Clean up wording in releases.md @johngmyers #9230
Spotinst: Allow a user specifiable node draining timeout @liranp #9221
Validate IG RootVolumeType @olemarkus #9265
gce: log bucket-policy-only message at a level that always appears @justinsb #9276
Prepare Kops for multi-architecture support @hakman #9216
Ensure we have IAM bucket permissions to other S3 buckets @justinsb #9274
Refactor cert issuance code @johngmyers #9130
Allow failure of the ARM64 job in TravisCI @hakman #9279
Use Ubuntu 20.04 as the default image for Kubernetes 1.18+ @hakman #9283
Disable disk based evictions for Kubernetes 1.19 @hakman #9296
More nodeup golden tests @justinsb #9248
Adding recent releases to docs site @MoShitrit #9293
Update Weave for CVE-2020-13597 @hakman #9285
Create nodetasks.IssueCert() @johngmyers #9282
Don't export basic auth credentials if basic auth is disabled @johngmyers #9284
Copy "portmap" to /opt/cni/bin for Weave @hakman #9286
Update shipbot config @hakman #9277
Fix some go-lint warning @Hellcatlk #9236
Docs - add syntax highlighting + markdown cleanup @rifelpet #9308
Install common CNI plugin binaries for all network plugins @hakman #9310
Don't try building TLS for etcd-manager if not using etcd-manager @johngmyers #9302
Use ec2.DescribeInstanceTypes for machine type info @rifelpet #8856
Don't require nodeup tasks to have SetName() @johngmyers #9299
Refactor and improve API validation @johngmyers #9217
Disable kubeproxy when creating a kube-router cluster @rifelpet #9321
Use Docker 19.03.11 for Kubernetes 1.17+ @hakman #9317
Install all CNI plugin binaries for all network plugins @hakman #9320
Fix NPD when creating a kube-router cluster @rifelpet #9323
Fix mismatch in SecurityGroups handling with launch templates @johngmyers #9288
Allow docker options to be specified by create cluster overrides @bertinatto #9324
Issue kube-scheduler and kube-controller-manager certs in nodeup @johngmyers,@justinsb #9313
IAM: Refactor vfs-access logic so we can see the required readable paths @justinsb #9328
Update Weave Net to 2.6.5 @hakman #9330
Docs helptext @olemarkus #9333
Use launch templates by default @johngmyers #9289
Refactor kubemanifest to be clearer @justinsb #9342
Refactor BootstrapChannelBuilder to use a KopsModelContext @justinsb #9338
Issue kubecfg and kops certs in nodeup @johngmyers #9347
Update release notes for Ubuntu 20.04 and CVEs @hakman #9332
Add nodelocal dns cache to release notes and add kops version to docs @olemarkus #9351
Bug: Explicitly set default StorageClass to support upgrades @joshbranham #9337
Promote alpha channel to stable @johngmyers #9366
Prefer the GA label for node zone @johngmyers #9363
Cleanup networking docs @ari-becker #9349
Bump recommended kops versions in alpha channel @johngmyers #9361
Validate cilium version @olemarkus #9295
Fix kube-apiserver-healthcheck image @coreypobrien #9359
Remove the baremetal cloud provider @johngmyers #9360
Add "--selinux-enabled" flag for Docker @hakman #9334
Issue kubelet-api cert in nodeup @johngmyers #9356
Revert "Fix kube-apiserver-healthcheck image" @johngmyers #9371
Move host-network services off of port 8080 @johngmyers #9355
Remove bundler as baremetal support was removed @johngmyers #9372
Add support for AWS OIDC Provider @rifelpet #9375
NodeLocalDNS config population: small tweaks @justinsb #9376
Add comment on blocking jobs to actions @mikesplain #9305
Prune old metrics-server and update HPA docs @johngmyers #9233
Upgrade mkdocs to latest versions @rifelpet #9309
Store terraform launchtemplate userdata in plaintext rather than b64 @rifelpet #9340
Update alpha channel with June releases @MoShitrit #9384
try github actions failure to see if PRs can't be merged @rifelpet #9015
Run "go mod vendor" in verify-gomod @rifelpet #9389
Start moving InstanceGroup data to NodeupConfig @johngmyers #9391
Refactor to clean up TemplateFunctions @justinsb #9390
Revert "try github actions failures to see if PRs can't be merged" @rifelpet #9392
Add notice from k8s.io to docs site @mikesplain #9393
Issue aws-iam-authenticator cert in nodeup @johngmyers #9378
Updating cluster_spec doc. @michalschott #9380
Add a couple more "area" labels @rifelpet #9394
Cache terraform's providers between tests @rifelpet #9399
Stop creating SHA1 hashes for build artifacts @hakman #9400
Add initial support for ARM64 @hakman #8938
Use -mod=vendor for most go commands @rifelpet #9396
Add olemarkus as reviewer @hakman #9200
Temporarily use containerd from Docker packages @hakman #9346
Fix override css @mikesplain #9406
Upgrade Amazon VPC CNI to 1.6.3 @MoShitrit #9408
Fold multiple integration test cases into the complex test case @rifelpet #9409
Move apply logic down into pkg for import use @johngmyers #9411
Clean up the HA docs @olemarkus #9387
Add master and node image options when creating a cluster @hakman #9407
Implement VFS for vault @olemarkus #9094
Rolling update instance groups in consistent order @johngmyers #9412
Refactor lyft config file to Go code @johngmyers #9410
Update 1.17-NOTES.md @wangxy518 #9414
Make dns pods work on arm64 clusters @olemarkus #9418
Typo and wording fix to getting_started/commands doc @MoShitrit #9417
Alicloud: Refactor LoadBalancerWhiteList to LoadBalancerACL @bittopaz #8304
Remove PHONY declaration on non-phony targets @johngmyers #9419
Build and publish only Linux AMD64 Kops artifacts for CI @hakman #9401
Remove more sha1-generation code @johngmyers #9423
Fix: dns-controller: 3999 port address already in use @vgunapati #9404
Fix dns selectors for older k8s @olemarkus #9431
Fix staticcheck error with Go 1.14 @johngmyers #9434
Remove kube-discovery @johngmyers #9435
Start pushing create_cluster logic into pkg @johngmyers #9413
Spotinst: Add missing lifecycle to awstasks.SecurityGroup @liranp #9445
Prepatory refactoring of BootstrapScript @johngmyers #9402
Fix cilium etcd migration @olemarkus #9451
Spotinst: Support for Root Volume Size in Ocean Launch Spec @liranp #9459
Spotinst: Upgrade the Spotinst controller to version 1.0.61 @liranp #9460
Remove dead cloudup code @johngmyers #9422
Refactor BootstrapScript into a Task @johngmyers #9449
Refactor how api-server addresses are exported from tasks @johngmyers #9450
Add unit test for func VersionedJSON @Hellcatlk #9458
Cilium requires manual restart when migrating to nodeport @olemarkus #9454
Bump k8s versions for alpha channel with latest releases @MoShitrit #9455
Enable nodeport by default @olemarkus #9425
Update staticcheck to latest version @rifelpet #9463
Add Ambassador addon to kops @concaf #9115
Update Calico to v3.15.0 for k8s 1.16+ @hakman #9444
Update KubeDNS to v1.15.13 @hakman #9462
Refactor more cluster creation code into NewCluster() @johngmyers #9443
Update the service manifest for Docker @hakman #9465
Cleanup tempfiles @zhijianli88 #9472
Fix where etcd-cluster-spec is writen when etcd's BackupStore is defined -v2 @rdrgmnzs #9474
Create separate field for disabling rolling updates @johngmyers #9348
Move more cluster creation code to NewCluster() @johngmyers #9467
Continue moving InstanceGroup data to NodeupConfig @johngmyers #9415
Use new templates for cilium 1.8 @olemarkus #9424
Update terraform docs with version compatibility @rifelpet #9488
Updating the YAMLs for Ingress-Citrix Addon @christus02 #9480
Allow CI builds to build a tagged version @justinsb #9493
Release 1.19.0-alpha.1 @justinsb #9494

1.19.0-alpha.1 to 1.19.0-alpha.2

Use kubelet docker-specific flags only for Docker @hakman #9495
cloudbuild: Push additional images from cloudbuild @justinsb #9497
Release notes for 1.19.0-alpha.1 @justinsb #9498
Release notes for 1.16.4 @justinsb #9501
Update bazel rules versions @rifelpet #9428
Release notes for 1.17.1 @justinsb #9503
Default ClusterDNS appropriately when NodeLocalDNS is enabled @johngmyers #9491
Fixing typos and rewording docs/examples/basic-requirements.md @MoShitrit #9442
Move more cluster creation code to NewCluster() @johngmyers #9490
Continue refactoring certs into nodeup @johngmyers #9354
Update AWS VPC CNI docs to use --networking amazonvpc @rifelpet #9509
Update aws-sdk-go to v1.32.13 @hakman #9510
Add Ambassador documentation to addons docs @concaf #9516
Move remaining new cluster setup to pkg @johngmyers #9513
Changing base image for node authorizer. @michalschott #9056
Update kube-router to v1.0.0 @hakman #9512
Remove deprecated function @johngmyers #9514
Add ability to set various cilium flags through CLI @olemarkus #8928
Add tag support to AWS launch templates @rifelpet #9519
Fix a link typo in the networking.md @nikola-milikic #9461
Cilium parse k8s version url @olemarkus #9525
Cloudmock cleanup - preparation for EC2 tag-on-create @rifelpet #9520
Update mock version to 1.19.0-alpha.1 @hakman #9527
Use EC2's tag-on-create for various resources @rifelpet #9529
Fix KubeDNS missing resourceVersion @phspagiari,@hakman #9521
Use filebase64 for launch template userdata and Terraform 0.12 @rifelpet #9532
Promote alphas to stable @olemarkus #9537
Add some err judgments @zhouhao3 #9538
Force single arch support via env var @hakman #9535
Add lyft hash environment variable @hintofbasil #9539
Update AWS IAM Authenticator to 0.5.1 @rifelpet #9540
Update CoreDNS to v1.7.0 - Take 2 @rajansandeep #9541
Add healthcheck to aws-iam-authenticator @rdrgmnzs #8991
Re-enable disk based evictions for Kubernetes 1.19 @hakman #9475
Switch AWS NAT Gateway creation to use tags on create @rifelpet #8726
Improve Makefile @johngmyers #9542
Remove the checksum workaround for Flannel VXLAN @hakman #9543
Widen the tolerations of kuberouter @johngmyers #9547
Add missing lifecycle to etcd keypair tasks @johngmyers #9553
Use a stable key for signing service account tokens @johngmyers #9534
Use distroless image as base for Protokube @justinsb,@hakman #9403
Use stable names for GH workflow jobs @hakman #9552
File permission test: clear umask before testing @justinsb #9562
Don't try to delete terraform providers @justinsb #9561
Release notes for 1.18.0-beta.2 @justinsb #9563
Remove old unused files @rifelpet #9564
Add support for uploading to private buckets @johngmyers #9568
Upgrade to go 1.14.4 @rifelpet #9499
Upgrade go to 1.14.5 @rifelpet #9572
Update goimports script for go 1.14 @rifelpet #9573
[Digital Ocean] Implement KOPS validate cluster @srikiz #9476
Update alpha channel with July releases @hakman #9579
Use fixed UID for etcd user and restrict to legacy provider @johngmyers #9581
Adding feature stability table to docs and including one example for encryption support in cilium @MoShitrit #9555
Print error during cluster delete for dependency violation @hakman #9589
Specify user on export kubecfg @olemarkus #9280
Require extra flag when updating cluster with downgraded kops version @johngmyers #9362
Create one nodes instance group per zone @johngmyers #9471
Promote Ciprian & John to approvers @hakman #9590
Remove unused and unmaintained Docker build targets @hakman #9576
Remove min width on tables @mikesplain #9592
Remove support for legacy IAM permissions @johngmyers #9492
Update stable channel with July releases @hakman #9596
Improve locking in memfs @johngmyers #9597
Docs - Add the new feature table to various feature sections @rifelpet #9585
Update stretch images (from 1.11) in alpha channel @justinsb #9599
Restore default SELinux security contexts for container runtime binaries @hakman #9584
Revert move to explicit dependencies @johngmyers #9605
Prefer nodes with "master" role for Calico Typha pods @hakman #9609
Add Ubuntu 20.04 support for Docker 18.06.3 @hakman #9616
Openstack fixes @olemarkus #9554
remove LB circular in OpenStack @zetaab #9623
fix(docs): render double curly braces @FrankYang0529 #9626
Use public client accessors within openstackCloud functions @rifelpet #9628
Exempt OpenStack from the EnableExternalCloudController feature flag @johngmyers #9629
Fix int to string conversions @hakman #9630
add os.RemoveAll err verification @zhouhao3 #9610
Update instructions for fixing verify-gomod.sh @johngmyers #9636
Add repo SECURITY.md @joelsmith #9638
Use "tag on create" for AWS Route Tables @rifelpet #9639
Spotinst: Upgrade the Spotinst controller to version 1.0.62 @liranp #9642
Add tagging support for AWS Keypairs @rifelpet #9533
Make ARM64 job blocking with TravisCI @hakman #9644
Upgrade Go to version 1.15rc1 @hakman #9641
Replace custom codegen package with gengo @johngmyers #9632
Calico: Upgrade the "k8s-ec2-srcdst" controller to version v0.3.0 @seh #9647
Remove dead code from tasks @johngmyers #9646
Cleanup AWS EC2 eventual consistency warnings @hakman #9637
Cleanup unused loader features @johngmyers #9649
Promote alpha channel to stable @johngmyers #9652
Remove tags from NodeupConfig @johngmyers #9650
Release 1.19.0-alpha.2 @justinsb #9654

1.19.0-alpha.2 to 1.19.0-alpha.3

Update Calico to v3.15.1 for k8s 1.16+ @hakman #9656
Release notes for 1.19.0-alpha.2 @justinsb #9658
Use BAZEL_OPTIONS for bazel build @srikiz #9651
Document new release process for kops 1.19 and on @justinsb,@rifelpet #9660
Prefer nodes with "master" role for Canal Typha pods @hakman #9663
Refactor networking assets finder @hakman #9665
Release notes for 1.18.0 @justinsb #9668
Update releases.md and alpha channel for 1.18.0 release @johngmyers #9669
Refactor openstackCloud to be mockable, add a MockCloud @rifelpet #9645
GCE: Fix spurious comparison failures on adddress & InstanceTemplate @justinsb #9671
Upgrade cluster-proportional-autoscaler to multi-arch image @johngmyers #9674
Move cluster-proportional-autoscaler to worker nodes @hakman #9676
When channel is unavailable, don't try to validate things from it @olemarkus #9559
Determine fixedip during nodeup directly @olemarkus #9560
Remove embedded structs from spotinst terraform types @rifelpet #9682
Spotinst: Change ScaleDown.MaxPercentage from int to float64 @liranp #9683
Update protobuf to v1.4.2 @hakman #9686
Add missing locking in MockEC2 @johngmyers #9677
Openstack - Don't panic if the dns zone is not found @rifelpet #9690
Add an initial structure for openstack cloudmock @rifelpet #9691
Spotinst: Upgrade the Spot Cluster Controller to version 1.0.63 @liranp #9696
Add markdown code block to bug report GH issue template @rifelpet #9697
Spotinst: Selecting a default Instance Group in Spot Ocean should be optional @liranp #9699
[Digital Ocean] Upload binaries to DO Spaces @srikiz #9672
Adds support for using OS application credentials @olemarkus #9702
Allow configurable backend modes for aws-iam-authenticator @WarpRat #9500
Add support for cilium on openstack @olemarkus #9703
Update Go to v1.15rc2 @hakman #9709
Update k8s dependencies to v1.18.6 @hakman #9711
Fix bazel darwin hash for Go 15rc2 @hakman #9714
Make it possible to change subnet dns servers @olemarkus #9715
Update example for Resources Reservation @hakman #9708
Improve the error logged when multiple DNS Zones match the provided name @rifelpet #9717
Default kubelet authorization-mode to Webhook for k8s 1.19+ @johngmyers #9718
Respect Topology when assigning floating ips or not @olemarkus #9701
Capture logs from a kops cluster @justinsb,@rifelpet #8577
Update docs for Amazon Linux 2 @hakman #9720
Update SECURITY_CONTACTS @johngmyers #9627
Remove amd64 TravisCI jobs @rifelpet #9005
Implement Openstack cloudmock, add integration test @rifelpet #9722
Add cinder plugin @olemarkus #9700
Add windows job to GH workflows @hakman #9721
Add instance-selector cmd to toolbox @bwagner5 #9478
Upgrade CI jobs to go 1.15.0 @rifelpet #9733
Upgrade AWS VPC CNI provider to 1.6.4 @rifelpet #9734
Update Go to v1.15.0 for Bazel @hakman #9735
Add missing cli options for kube-controller-manager and kube-scheduler @Evalle #9726
Fix test-windows target @hakman #9738
Add an integration test for openstack floating ip @olemarkus #9739
Fix update and verify goimports @hakman #9740
Upgrade to Terraform 0.13.0 @rifelpet #9742
Update cluster-proportional-autoscaler to v1.8.3 @hakman #9744
Update link names for releases @hakman #9743
Update images docs @hakman #9736
Remove unused Tags and FSRoot from NodeUp @hakman #9737
Spotinst: Support for Instance Types in Ocean Launch Spec @liranp #9746
Update alpha channel with August releases @MoShitrit #9748
Update shared-VPC documentation @johngmyers #9719
Support for using hostPort when using kube-router @andsens #9689
Move kubernetes 1.18 from alpha to stable @mariusv #9754
Add the client cert / ACM cert known issue to the 1.18 release notes @rifelpet #9758
Remove unused tags functionality @johngmyers #9759
Default kubelet authenticationTokenWebhook to true for k8s 1.19+ @johngmyers #9757
Reduce the lifetime of exported kubecfg credentials @johngmyers #9593
Add ARM64 support for masters @hakman #9566
Clear KOPS_FEATURE_FLAGS in update-expected.sh @justinsb #9764
Bootstrap worker nodes using kops-controller @johngmyers #9653
Upgrade to klog v2 @rifelpet #9765
Issue more certs out of kops-controller @johngmyers #9771
Fix backwards compatibility when backend mode isn't set @WarpRat #9755
Update more klog v1 references to v2 @rifelpet #9772
Document Docker iptables settings @hakman #9760
Use /etc/os-release to identify the distribution @hakman #9766
Issue the cilium etcd client cert out of kops-controller @johngmyers #9776
Only add OS variables if they are needed @olemarkus #9778
Add support for containerd v1.4.0 @hakman #9777
Don't give access to calico-client key when not needed @johngmyers #9779
Squash patch versions of old release notes @hakman #9770
Enhancement in Ubuntu or debian apt-get and CI issue fix @Rajpratik71 #8687
feat(openstack): propagate cloud labels to machines @mitch000001 #9211
Add release note about cert expiration @johngmyers #9781
Put userid in kubecfg cert CommonName @johngmyers #9780
Adding support for permission boundaries for AWS IAM Roles @victorfrancax1 #9773
Update Weave Net to v2.7.0 @hakman #9783
Upgrade AWS VPC CNI to 1.7.0 @MoShitrit #9786
Unset more env vars in update-expected.sh @rifelpet #9789
Ignore the disableTxChecksumOffloading flag for Flannel and Canal @hakman #9782
Add flag for root volume encryption @hakman #9793
Don't use nova for glance mocks @olemarkus #9792
Fix feature flag typo in release notes @rifelpet #9796
De-emphasize bootstrap tokens and document node authorization as depr… @johngmyers #9791
Update the openstack getting started docs @olemarkus #9797
Mock create server should associate with mock ports @olemarkus #9798
Upgrade gophercloud to v1.11.0 @olemarkus #9800
Update validation for Calico to assume etcd3 as default @hakman #9803
Update API slice fields to not use pointers @rifelpet #9802
Bump stable versions from alpha @MoShitrit #9804
Release 1.19.0-alpha.3 @hakman #9801

1.19.0-alpha.3 to 1.19.0-alpha.4

Upgrade kubernetes dependencies to 1.19.0-rc.4 @rifelpet #9565
Release notes for 1.19.0-alpha.3 @hakman #9805
Stop trying to pull the Protokube image @hakman #9809
Add all images to GH release @hakman #9811
Refactor: KopsModelContext embeds IAMModelContext @justinsb #9814
Adding docs on AWS Permissions Boundaries support @victorfrancax1 #9807
Fix GCE cluster creation with private topology @rifelpet #9815
Support writing a full certificate chain @justinsb #9812
Update Calico to v3.15.2 for k8s 1.16+ @hakman #9816
Update kube-router to v1.0.1 @hakman #9818
Remove compute floating ip extension @olemarkus #9790
Pull images from k8s.gcr.io/kops instead of docker.io/kope @hakman #9808
Upgrade AWS VPC CNI to 1.7.1 @MoShitrit #9822
Update k8s dependencies to v1.19.0 @hakman #9824
Remove unknown rules from managed security groups on openstack @olemarkus #9820
Add --internal flag for export kubecfg that targets the internal dns name @rifelpet #9732
Reconcile ports and floating ips @olemarkus #9821
GCE - Set Bastion InstanceGroup zone @rifelpet #9827
Move from debian-hyperkube-base to debian-base for node-authorizer @rdrgmnzs #9828
Add kops delete instance command @olemarkus #9784
remove nodeAffinity from typha @ozdanborne #9826
Use the get_workspace_status script to get the versions @justinsb #9830
cloudbuild: allow CI env var to be specified @justinsb #9831
TaskDependentResource: support preview when the task isn't ready @justinsb #9837
Addons: Support arbitrary additional objects @justinsb #8119
add support for cors-allowed-origins @etwillbefine #9838
Implement setter by reflection @justinsb #8896
Expose JWKS via a feature-flag @justinsb #9813
Support authentication helper for kubectl @justinsb #9667
Always use OpenStack Swift reauthentication @justinsb #9836
Upgrade cilium versions @olemarkus #9843
Dont generate the ssl_certificate_id field on TCP listeners in Terraform @rifelpet #9839
Spotinst: Upgrade the Spot Cluster Controller to version 1.0.64 @liranp #9846
Update OpenStack CSIDriver to v1 and update few csi deps @zetaab #9847
Remove more machinery for file-based cloudup models @johngmyers #9841
Keep SHELLCHECK_IMAGE vesion sync with SHELLCHECK_VERSION defined before @MaXinjian #9849
Cloudinstances refactor @olemarkus #9799
Populate cloudinstances data on openstack @olemarkus #9850
Refactor IAM route53 construction @justinsb #9853
Improve description of detaching instances @johngmyers #9859
Add command for listing cloud instances @olemarkus #9762
fix "unbound variable" issue @MaXinjian #9851
Add instance info to detached nodes @olemarkus #9860
Update installation @inductor #9864
Update Calico to v3.16.0 for k8s 1.16+ @hakman #9829
Update alpha channel k8s 1.16 to 1.16.15 and Ubuntu image to latest available @MoShitrit #9869
Implement cluster autoscaler as bootstrap addon @olemarkus #9787
Bump cilium to 1.8.3 @olemarkus #9871
Openstack golden servergrouptests @olemarkus #9874
Map ENOENT to ErrNotExist in FSPath @johngmyers #9877
Update Go to v1.15.1 @hakman #9878
Add kubelet cgroup driver property @bmelbourne #9879
verify-terraform: rearrange arguments to find @justinsb #9881
Update mock version to 1.19.0-alpha.3 @hakman #9884
Use new GitHub artifact names for mirrored assets @hakman #9882
Use root volume encryption flag for LaunchConfiguration with TF and CF @hakman #9872
Errors when encryptionConfig is enabled, but no encryptionconfig secret @olemarkus #9885
Add missing spot support to launch template direct render @johngmyers #9897
Don't explicitly set insecure-bind-address on newer k8s @olemarkus #9899
Deprecate old cluster autoscaler addon @olemarkus #9892
Update Calico to v3.16.1 @hakman #9894
Nodelocalcache configure resources @commixon #9901
Release notes for 1.17.2 @justinsb #9902
Release notes for 1.18.1 @justinsb #9904
Allow caching of Nodeidentity Info in kops-controller for AWS. @rdrgmnzs #9908
Simplified form of IAM Roles for ServiceAccounts @justinsb #9352
Detect AWS region for S3 inside containers @hakman #9857
Only apply external policies when these are defined @kesor #9867
Get launch template versions after filtering templates @johngmyers #9909
Remove constraint of setting volume type for OS @olemarkus #9907
Remove force_tcp flag for nodelocalcache dot zone @astrikos #9917
Validate labels @olemarkus #9918
Add missing setResources on CA task @justinsb #9919
Add missing flags to cluster autoscaler template @olemarkus #9925
Add unit test for pkg/apis/kops/model/features.go @hs0210 #9883
Continue if asg instance is unknown @olemarkus #9900
Allow the BootstrapClient task to run after Protokube @hakman #9911
Document process to get older releases into artifacts.k8s.io @justinsb #9934
Don't write application credentials to cloud config unless external CCM is enabled @olemarkus #9935
add kube-system psp to system:nodes @zetaab #9941
use subnet also when creating floatingip @zetaab #9936
Block external CCM for k8s less than 1.13 @olemarkus #9943
Force external cloud controller manager on OS @olemarkus #9942
Update Go to v1.15.2 @hakman #9944
Only add additional policies to kops managed IAMRoles @hakman #9924
Release 1.19.0-alpha.4 @hakman #9949

75 KiB Raw Blame History